Revoke helps consumers to take back control of their personal data, whilst also helping organisations be compliant with relevant data protection legislation by providing strong identity verification and a secure communication channel.

Nobody (not even Revoke) can access personal data sent from organisations to consumers.

When acting on behalf of a Revoke app user, individual requests are made by Revoke via email or API calls in accordance with that user’s preferences to stop marketing, retrieve or delete their data from a given organisation.  A minimal data set is initially shared with each organisation; the data controller is able to request additional information from the user such as email address(es), mobile phone number(s) or even verified Photo ID and selfie (to be sure they are dealing with the right person, and to confirm Revoke is acting on their behalf).

Data controllers have between 28 – 45 days to respond to basic requests depending on their jurisdiction. By using the free Revoke portal, the data controller can be sure that any responses are only ever visible by the individual who made the request.